期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于攻击图的网络风险计算方法 被引量:1

The Network Risk Calculation Model based on Attack Graph
下载PDF
导出
摘要 为了及时发现网络中潜在的攻击威胁、计算网络的潜在风险,提出了一种基于攻击图的网络风险计算方法。通过关联网络中的漏洞建立攻击图、发现潜在的攻击序列和威胁,从而计算网络潜在的风险值。此方法考虑了攻击路径权重和资产权重对网络风险的影响,使计算结果更符合实际情况。实验结果表明,提出的风险计算方法能够准确和有效地计算网络的潜在风险。 In order to discover the potential threat of attack in the network in time and compute the potential network risks,the network risk calculation model based on attack graph was introduced.The model established attack graph through associated weak points in the network,and found out potential attack sequence and threats,calculated the network potential risk value.The model took into account the attack path weight and the assets weight,which made the result more in line with the actual situation.Experimental results showed that,the potential risk which the computational model calculated was more accurate and effective.
作者 黄洋 陈文
机构地区 四川大学计算机学院
出处 《计算机安全》 2013年第7期7-10,共4页 Network & Computer Security
基金 国家自然科学基金(61173159) 四川大学青年教师科研启动基金(2011SCU11086)
关键词 攻击图 潜在风险 攻击路径权重 资产权重 attack graph potential risk attack path weight assets weight
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献9

二级参考文献73

  • 1苘大鹏,张冰,周渊,杨武,杨永田.一种深度优先的攻击图生成方法[J].吉林大学学报(工学版),2009,39(2):446-452. 被引量:23
  • 2张永铮,云晓春,胡铭曾.基于特权提升的多维量化属性弱点分类法的研究[J].通信学报,2004,25(7):107-114. 被引量:35
  • 3冯萍慧,连一峰,戴英侠,鲍旭华.基于可靠性理论的分布式系统脆弱性模型[J].软件学报,2006,17(7):1633-1640. 被引量:30
  • 4Mehta V, Bartzis C, Zhu H F. Ranking attack graphs//Proceedings of the 9th International Symposium on Recent Advances in Intrusion Detection (RAID). Hamburg, Germany, 2006, 127-144.
  • 5Sawilla R, Ou X M. Identifying critical attack assets in dependency attack graphs//Proceedings of the 13th European Symposium on Research in Computer Security (ESORICS). Malaga, Spain, 2008:18-34.
  • 6Ou X M, Boyer W F. A scalable approach to attack graph generation//Proceedings of the 13th ACM Conference on Computer and Communications Security (CCS). Alexandria, USA, 2006. 336-345.
  • 7Wang L Y, Tania I. An attack graph-based probabilistic security metric//Proceedings of the 22nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec). London, UK, 2008:283-296.
  • 8Homer J, Ou X M, Schmidt D. A sound and practical approach to quantifying security risk in enterprise networks. Kansas State University: Technical Report 2009-3, 2009.
  • 9Singhal A, Ou X M. Security risk analysis of computer networks: Techniques and challenge//Proceedings of the 16th ACM Computer and Communications Security(CCS). Chicago, USA, 2009.
  • 10Wang L Y, Singhal A, Jajodia S. Measuring the overall security of network configurations using attack graphs//Proceedings of the 21th IFIP WG 11. 3 Working Conference on Data and Applications Security (DBSee). Redondo Beach, CA, USA, 2007:98-112.

共引文献79

同被引文献3

引证文献1

计算机安全
2013年 第7期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部